Win10 1Tb SSD: No TPM --> No BitLocker. How to Encrypt?

No TPM.  Win 10Pro Asus machine.  Drive is 1Tb SSD.  Lots of files.  BitLocker won't work as no TMP.  What would be the easiest and most robust way to encrypt my drive?  Focus on easy, please. :P :))
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oaktreesAuthor Commented:
Hi McKnife!

Yeah, saw that aleready.  Seems like it may cause complications.  There's this line at the end of the article:

When your PC boots, you’ll have to either enter the password or insert the USB flash drive you provided. If you can’t provide the password or USB drive, BitLocker won’t be able to decrypt your drive and you won’t be able to boot into your Windows system and access your files.

What with Windows updates and/or Ghost recoverys, seems like, with that at the doorway, there'd be a lot of chance for one to get locked out of one's own system.

Anything more seamless?


That is as seamless as it gets. The line at the end, what complications do you see? Sure, you lose that password, you have a problem, but that is why we have
A backups
B the recovery key printed and/or saved at a secure location.

Ghost recovery - totally different topic. If you are worried how to restore an image of an encrypted windows (bitlocked, or whatever encryption), please ask another question.
The Five Tenets of the Most Secure Backup

Data loss can hit a business in any number of ways. In reality, companies should expect to lose data at some point. The challenge is having a plan to recover from such an event.

No disagreement with McKnife's good comments, but want to add to them.

I think you need to consider what is expected with Bitlocker or any other encryption.  If it can be accessed without anything unique (such as password or TPM), what will stop it from being accessed in another computer?  Without TPM, you can't count on your computer to have a unique signature that can't be forged.  The solution for that is to provide a password.  TPM effectively replaces the password as it provides unique keys.

What are you thinking will secure your system if you don't have TPM or a password?
oaktreesAuthor Commented:

Here's what I'm thinking: I automatically backup each day or so via Ghost or rather...Veritas, as Ghost was actually spun off from Norton - if you can believe that!  

So, running that Ghost copy each day, it's just an image.  Seems like there SHOULD be no problems, and Ghost/Veritas even says "If you've activated Bitlicker on the drive your recoveries will STILL Work."  Somehow, that seems to be for a as-designed Bitlocker.  I can see this workaround will run bitlocker on the drive.  Just worried that it will catch up if I need to recover from a Ghosted image.

In "theory" it should work.  But...

So, here's my next thought - a self-encrypted drive.  Should I post as a separate question?  Here's what I'm curious about.  If I'm using a self-encrypted drive, I'm good to go from the start.  Am I right?

Here's my goal: if I lose my notebook, don't want folks to be able to get past the Windows basic password and get to the files.
There is no "as designed" bitlocker. The presence and usage of a TPM is just a proposal. It is the safest option, as well, but it makes no difference for backup, nor for recovery.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Self encrypting drives can be used, why not, if you already have one. But these can be problematic as well, see this thread
oaktreesAuthor Commented:
Yipes!  Scary on the SED.  Thanks again for all the help.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.